/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package cn.tedu.mall.sso.controller;

import cn.tedu.mall.common.restful.JsonResult;
import cn.tedu.mall.sso.pojo.dto.AdminLoginDTO;
import cn.tedu.mall.sso.pojo.vo.TokenVO;
import cn.tedu.mall.sso.security.service.admin.IAdminSSOService;
import cn.tedu.mall.sso.utils.LoginUtils;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * <p>管理员单点登录控制器</p>
 */
@RestController
@RequestMapping("/admin/sso")
@Api(tags = "后台管理用户认证")
@Slf4j
public class AdminSSOController {
    /**
     * 测试代码
     *
     * @param authentication
     * @return
     */
    @Deprecated
    @GetMapping("/home")
    @ApiOperation(value = "测试用户数据认证对象生成问题")
    private JsonResult home(Authentication authentication) {
        return JsonResult.ok(authentication);
    }

    @Autowired
    private IAdminSSOService adminSSOService;
    @Value("${jwt.tokenHead}")
    private String jwtTokenHead;
    @Autowired
    private RedisTemplate redisTemplate;

    /**
     * <p>登录login</p>
     * <p>主要就是验证是否登录账号密码正确</p>
     */
    @ApiOperation(value = "后台单点登录认证登录")
    @PostMapping("/login")
    public JsonResult<TokenVO> doLogin(@Valid AdminLoginDTO adminLoginDTO, HttpServletRequest request) {
        //先补充数据
        String ip = LoginUtils.getIpAddress(request);
        log.info("远程ip地址:{}", ip);
        String sessionId = request.getSession().getId();
        /*String validCodeKey = CoolSharkStaticPrefixConfiguration.SSOPrefixConfiguration.VALID_CODE_PREFIX + ip + ":" + sessionId;
        ValueOperations operations = redisTemplate.opsForValue();
        String text = (String) operations.get(validCodeKey);*/
        /*if (StringUtils.isEmpty(text)) {
            throw new CoolSharkServiceException(ResponseCode.FORBIDDEN, "请先生成验证码");
        }*/
        /*if (!StringUtils.equalsIgnoreCase(text, adminLoginDTO.getValidCode())) {
            throw new CoolSharkServiceException(ResponseCode.FORBIDDEN, "验证码不正确");
        }*/
        //使用完,删除
        /*redisTemplate.delete(validCodeKey);*/
        log.info("远程ip地址:{}", ip);
        String userAgent = request.getHeader("User-Agent");
        log.info("远程客户端:{}", userAgent);
        adminLoginDTO.setIp(ip);
        adminLoginDTO.setUserAgent(userAgent);
        String token = adminSSOService.doLogin(adminLoginDTO);
        TokenVO tokenVO = new TokenVO();
        tokenVO.setTokenHeader(jwtTokenHead);
        tokenVO.setTokenValue(token);
        return JsonResult.ok(tokenVO);
    }

    /**
     * <p>登出logout</p>
     * <p>没有任何实际业务逻辑</p>
     */
    @ApiOperation(value = "单点登录认证登出")
    @PostMapping("/logout")
    public JsonResult doLogout(@RequestHeader(name = "Authorization") String token) {
        adminSSOService.doLogout(token);
        return JsonResult.ok();
    }

}
